Managing Private Credentials by Privacy-Preserving Biometrics

  • Bian YangEmail author
  • Guoqiang Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11263)


We investigate in this paper the need to managing a user’s private credentials using privacy-preserving biometrics, define several private credential management work models under different trust models between a user and an external party. A general pipeline using privacy-preserving biometrics for private credential management is proposed to achieve the purpose of biometric template protection, biometric-secret binding, and biometric recognition accuracy performance improvement. The proposed scheme was implemented and tested in the European CIP project PIDaaS, and demonstrated advantages in privacy preservation and accuracy performance preservation.


Private identity Privacy-preserving biometrics Biometric template protection Biometric-secret binding User-centric identity management 


  1. 1.
    Google Identity Platform.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
  6. 6.
    Alrodhan, W., Mitchell, C.: Enhancing user authentication in claim-based identity management. In: 2010 International Symposium on Collaborative Technologies and Systems, pp. 75–83 (2010)Google Scholar
  7. 7.
    Yang, B., Chu, H., Li, G., Petrovic, S., Busch, C.: Cloud password manager using privacy-preserved biometrics. In: Proceedings of 2014 IEEE International Conference on Cloud Engineering (2014)Google Scholar
  8. 8.
    ISO/IEC 24745: Biometric information protection (2011)Google Scholar
  9. 9.
  10. 10.
    Nandakumar, K., Jain, A.: Biometric template protection: bridging the performance gap between theory and practice. IEEE Sig. Process. Mag. 32(5), 88–100 (2015)CrossRefGoogle Scholar
  11. 11.
    Bui, F., Martin, K., Lu, H., Plataniotis, K., Hatzinakos, D.: Fuzzy key binding strategies based on quantization index modulation (QIM) for biometric encryption (BE) applications. IEEE Trans. Inf. Forensics Secur. 5(1), 118–132 (2010)CrossRefGoogle Scholar
  12. 12.
    Juels, A., Wattenberg, M.: A fuzzy commitment scheme. In: Proceedings of the 6th ACM Conference on Computer and Communications Security, pp. 28–36 (1999)Google Scholar
  13. 13.
    Juels, A., Sudan, M.: A fuzzy vault scheme. Des. Codes Crypto. 38(2), 237–257 (2006)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Buhan, I., Doumen, J., Hartel, P., Veldhuis, R.: Constructing practical fuzzy extractors using QIM centre for telematics and information technology. University of Twente, Enschede, Technical report. TR-CTIT-07-52, pp. 1381-3625 (2007)Google Scholar
  15. 15.
    Sutcu, Y., Li, Q., Memon, N.: Protecting biometric templates with sketch: theory and practice. IEEE Trans. Inf. Forensics Secur. 2(3), 503–512 (2007)CrossRefGoogle Scholar
  16. 16.
    Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J. Comp. 38(1), 97–139 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  17. 17.
    Teoh, A., Ngo, D., Goh, A.: Biohashing: two factor authentication featuring fingerprint data and tokenised random number. Pattern Recogn. 37(11), 2245–2255 (2004)CrossRefGoogle Scholar
  18. 18.
    Yang, B., Busch, C., Gafurov, D., Bours, P.: Renewable minutiae templates with tunable size and security. In: ICPR, pp. 878–881 (2010)Google Scholar
  19. 19.
    Yang, B., Hartung, D., Simoens, K., Busch, C.: Dynamic random projection for biometric template protection. In: IEEE BTAS, pp. 1–7 (2010)Google Scholar
  20. 20.
    Simoens, K., et al.: Criteria towards metrics for benchmarking template protection algorithms. In: ICB (2012)Google Scholar
  21. 21.
  22. 22.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Norwegian University of Science and Technology (NTNU)GjøvikNorway

Personalised recommendations